mirror of https://github.com/wolfSSL/wolfssl.git
Fix for building with TLS 1.3 only when AES CBC is enabled. Algorithm is allowed to be enabled, but the AES CBC cipher suites should not be. Fixed AEAD enable to check AES CBC based on `HAVE_AES_CBC` define.
parent
b12386fbb1
commit
389f56b5c7
|
@ -249,6 +249,11 @@
|
|||
|
||||
#ifndef WOLFSSL_MAX_STRENGTH
|
||||
|
||||
#ifdef WOLFSSL_AEAD_ONLY
|
||||
/* AES CBC ciphers are not allowed in AEAD only mode */
|
||||
#undef HAVE_AES_CBC
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_AEAD_ONLY
|
||||
#if !defined(NO_RSA) && !defined(NO_RC4)
|
||||
#if defined(WOLFSSL_STATIC_RSA)
|
||||
|
@ -282,7 +287,7 @@
|
|||
#define BUILD_SSL_RSA_WITH_IDEA_CBC_SHA
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#endif /* !WOLFSSL_AEAD_ONLY */
|
||||
|
||||
#if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS)
|
||||
#if !defined(NO_SHA) && defined(HAVE_AES_CBC)
|
||||
|
|
|
@ -1548,7 +1548,7 @@ extern void uITRON4_free(void *p) ;
|
|||
#endif
|
||||
|
||||
#if (defined(WOLFSSL_TLS13) && defined(WOLFSSL_NO_TLS12)) || \
|
||||
(defined(NO_AES_CBC) && defined(NO_DES3) && defined(NO_RC4) && \
|
||||
(!defined(HAVE_AES_CBC) && defined(NO_DES3) && defined(NO_RC4) && \
|
||||
!defined(HAVE_IDEA) && !defined(HAVE_NULL_CIPHER) && !defined(HAVE_HC128))
|
||||
#define WOLFSSL_AEAD_ONLY
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue